/** 
 * @Project : ZNBSystem
 * @Title : PermissionToVerify.java
 * @Package com.ZNB.system.tool
 * @Description : TODO
 * @author 梁振兴
 * @E-mail zhenxingliang@sina.com
 * @date 2013-5-22 下午06:23:01
 * @Copyright : 2013 ZNB Inc. All rights reserved.
 * @version V 0.9 
 */
package com.cci.kangdao.utilTool;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import com.cci.kangdao.dao.model.ActionT;
import com.cci.kangdao.dao.model.FunctionT;

/**
 * 权限验证方法.<br />
 * 
 * @author 米艳春
 * @Copyright: Copyright (ZNB) 2013
 * @Company: 2013 ZNB Inc. All rights reserved.
 * @see (参考转向，相关主题)
 * @date 2013-5-22 下午06:23:01
 * @version V 0.9
 * 
 */
public class PermissionToVerify {
	/**
	 * 
	 * 权限验证方法.<br />
	 * 
	 * @param allaction
	 * @param allfun
	 * @param uri
	 * @return
	 */
	public static boolean permissionVerify(List<ActionT> allaction,
			List<FunctionT> allfun, String uri, HttpSession session,
			HttpServletRequest request) {
		
		if (allfun == null) {
			return false;
		}
		String action = request.getParameter("action");		
		if (action == null || action.equals("")) {// 功能
			for (FunctionT fun : allfun) {
				if (fun.getFunUrl().equalsIgnoreCase(uri)) {
					session.setAttribute("funid", fun.getId());
					return true;
				}
			}
		} else {// 动作
			if (allaction != null) {
				long funid = 0;
				for (FunctionT fun : allfun) {
					if (fun.getFunUrl().equalsIgnoreCase(uri)) {
						funid = fun.getId();
					}
				}
				if (funid == 0) {
					return false;
				}
				for (ActionT actions : allaction) {
					if (funid == actions.getFunId()
							&& actions.getActionUrl().equalsIgnoreCase(action)) {
						session.setAttribute("funid", actions.getFunId());
						return true;
					}
				}
			}
		}

		return false;
	}
	
	/**
	 * 
	 * @Title: JudgeUsersisAction
	 * @Description:判断用户是否有该操作
	 * @return
	 */
	public static boolean JudgeUsersisAction(List<ActionT> usersactions,
			Long funid, String action) {
		for (int i = 0; i < usersactions.size(); i++) {
			ActionT actiont = usersactions.get(i);
			if (funid == actiont.getFunId()
					&& actiont.getActionCode().equalsIgnoreCase(action)) {
				return true;
			}
		}
		return false;
	}
}
